Commit 08e9e5337383 fixed proper initialization of the dns-resolve
module, and made DNS resolution asynchronous.
A side effect of that change revealed a long standing logic bug
which broke ovsdb-server listener configuration using DNS names.
Previously this worked because the DNS resolution would block,
now that DNS resolution is asynchronous the code before this
change would assume the error from jsonrpc_pstream_open meant
the remote was a specification for an active outgoing
connection, even when that was not the case.
To fix this a couple of changes was made to socket-util:
1) Pass optional result of dns resolution from inet_parse_passive.
When (re-)configuring listeners that use DNS names, we may need
to know whether the provided connection string is invalid or if
the provided DNS name has finished resolving.
2) Check dns resolution status in inet_open_passive.
If the connection string is valid, and contains a DNS name,
inet_open_passive will now return -EAGAIN if dns resolution
failed. DNS resolution failure may either mean the asynchronous
resolver has not completed yet, or that the name does not resolve.
Reported-at: https://bugs.launchpad.net/bugs/1998781
Fixes: 08e9e5337383 ("ovsdb: raft: Fix inability to read the database with DNS host names.")
Fixes: 771680d96fb6 ("DNS: Add basic support for asynchronous DNS resolving")
Signed-off-by: Frode Nordahl <frode.nordahl@canonical.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Clustered OVSDB allows to use DNS names as addresses of raft members.
However, if DNS resolution fails during the initial database read,
this causes a fatal failure and exit of the ovsdb-server process.
Also, if DNS name of a joining server is not resolvable for one of the
followers, this follower will reject append requests for a new server
to join until the name is successfully resolved. This makes a follower
effectively non-functional while DNS is unavailable.
To fix the problem relax the address verification. Allowing validation
to pass if only name resolution failed and the address is valid
otherwise. This will allow addresses to be added to the database, so
connections could be established later when the DNS is available.
Additionally fixing missed initialization of the dns-resolve module.
Without it, DNS requests are blocking. This causes unexpected delays
in runtime.
Fixes: 771680d96fb6 ("DNS: Add basic support for asynchronous DNS resolving")
Reported-at: https://bugzilla.redhat.com/2055097
Acked-by: Dumitru Ceara <dceara@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
These functions failed to build on OS X because MSG_WAITFORONE is not
defined there. There are pitfalls for trying to define our own MSG_*
constants, since it's hard to pick a constant that is not used by the
system already. Because OVS only uses recvmmsg() and sendmmsg() on
Linux, it seems easiest to just emulate them there.
Reported-by: Ilya Maximets <i.maximets@ovn.org>
Acked-by: Ilya Maximets <i.maximets@ovn.org>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Not every system will have recvmmsg(), so introduce compatibility code
that will allow it to be used blindly from the rest of the tree.
This assumes that recvmmsg() and sendmmsg() are either both present or
both absent in system libraries and headers.
CC: Yi Yang <yangyi01@inspur.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
When 'make check' is called by the mock rpm build (which disables networking),
the test "ovn-nbctl: LBs - daemon" fails when it runs the command
"ovn-nbctl lb-add lb0 30.0.0.1a 192.168.10.10:80,192.168.10.20:80". ovn-nbctl
extracts the vip by calling the socket util function 'inet_parse_active()',
and this function blocks when libunbound function ub_resolve() is called
further down. ub_resolve() is a blocking function without timeout and all the
ovs/ovn utilities use this function.
As reported by Timothy Redaelli, the issue can also be reproduced by running
the below commands
$ sudo unshare -mn -- sh -c 'ip addr add dev lo 127.0.0.1 && \
mount --bind /dev/null /etc/resolv.conf && runuser $SUDO_USER'
$ make sandbox SANDBOXFLAGS="--ovn"
$ ovn-nbctl -vsocket_util:off lb-add lb0 30.0.0.1a \
192.168.10.10:80,192.168.10.20:80
To address this issue, this patch adds a new bool argument 'resolve_host' to
the function inet_parse_active() to resolve the host only if it is 'true'.
ovn-nbctl/ovn-northd will pass 'false' when it calls this function to parse
the load balancer values.
Reported-by: Timothy Redaelli <tredaelli@redhat.com>
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1641672
Signed-off-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
The existing functions for working with sockaddr_storage that contain an
IPv4 or IPv6 address are useful. This commit adds more functions for
working with them, as well as a parallel set of functions for struct
sockaddr.
This also adds an initial user for some of the new sockaddr functions in
netdev.c.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mark Michelson <mmichels@redhat.com>
I didn't realize until now that the tree had two different ways of parsing
strings in the form <host>:<port> and <port>:<host>. There are the
long-standing inet_parse_active() and inet_parse_passive() functions, and
more recently the ipv46_parse() function. This commit eliminates the
latter and changes the code to use the former.
The two implementations interpreted some input differently. In particular,
the older functions required IPv6 addresses to be [bracketed], but the
newer ones do not. For compatibility this patch changes the merged code to
use the more liberal interpretation.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mark Michelson <mmichels@redhat.com>
Until now, the default_port parameters to these functions have had
different types and different behavior. There is a reason for this, since
it makes sense to listen on a kernel-selected port but it does not make
sense to connect to a kernel-selected port, but this overlooks the
possibility that a caller might want to parse a string in the format
understood by inet_parse_active() without actually using it to connect to
a remote host. This commit makes the behavior consistent and updates all
the callers to work with the new semantics.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mark Michelson <mmichels@redhat.com>
This better reuses existing code. It does require adding a slight variant
on ss_format_address(), but it still seems like a net win.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mark Michelson <mmichels@redhat.com>
C++ does not allow implicit conversion from void pointer to a specific
pointer type. This change adds explicit typecasts to appropriate types
wherever needed.
Signed-off-by: Shireesh Kumar Singh <shireeshkum@vmware.com>
Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Co-authored-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
It's occasionally convenient to format into a fixed-size buffer, but
as the use cases, and the text to be formatted, get more sophisticated,
it becomes easier to deal with "struct ds *" than a buffer pointer and
length pair. An upcoming commit will make ss_format_address() do more
work, and I think that this is the point at which it becomes easier to
take a dynamic string. This commit makes the parameter type change
without yet changing what is formatted.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Tested-by: Numan Siddique <nusiddiq@redhat.com>
Acked-by: Numan Siddique <nusiddiq@redhat.com>
FreeBSD returns a socklen of sockaddr_storage when doing an accept on an unix
STREAM socket. The current code will assume it means a sun_path larger than 0.
That breaks some tests like the one below which don't expect to find "unix::" on
the logs.
As a Linux abstract address would not have a more useful name either, it's
better to check that sun_path starts with a non-zero byte and return 0 length in
case it doesn't.
402: ovs-ofctl replace-flows with --bundle FAILED (ovs-ofctl.at:2928)
2016-07-08T12:44:30.068Z|00020|vconn|DBG|unix:: sent (Success): OFPT_HELLO (OF1.6) (xid=0x1):
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
These functions will be used by the next patches.
Signed-off-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
syslog_direct_create defined in (lib/syslog-direct.c) uses make_unix_socket
which is currently undefined on the windows build.
We either can remove the new file from the chain but this patch proposes
to define a wrapper to make_unix_socket in which we return EINVAL.
This will avoid this kind of problems in the future.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Eitan Eliahu <eliahue@vmware.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
The set_dscp() function, until now, tried to set the DSCP as IPv4 and as
IPv6. This worked OK on Linux, where an ENOPROTOOPT error made it really
clear which one was wrong, but FreeBSD uses EINVAL instead, which has
multiple meanings and which it therefore seems somewhat risky to ignore.
Instead, this commit just tries to set the correct address family's DSCP
option.
Tested by Alex Wang on FreeBSD 9.3.
Reported-by: Atanu Ghosh <atanu@acm.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Co-authored-by: Alex Wang <alexw@nicira.com>
Signed-off-by: Alex Wang <alexw@nicira.com>
Tested-by: Alex Wang <alexw@nicira.com>
On Windows platform, TCP_NODELAY can only be set when TCP is established.
(This is an observed behavior and not written in any MSDN documentation.)
The current code does not create any problems while running unit tests
(because connections get established immediately) but is reportedly
observed while connecting to a different machine.
commit 8b76839(Move setsockopt TCP_NODELAY to when TCP is connected.)
made changes to call setsockopt with TCP_NODELAY after TCP is connected
only in lib/stream-ssl.c. We need the same change for stream-tcp too and
this commit does that.
Currently, a failure of setting TCP_NODELAY results in reporting
the error and then closing the socket. This commit changes that
behavior such that an error is reported if setting TCP_NODELAY
fails, but the connection itself is not torn down.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
So far, we log the kernel assigned port number when the port number is
not specified. On Windows, this happens multiple times because "unix"
sockets are implemented internally via TCP ports. This means that many tests,
specially the ovs-ofctl monitor tests, need to filter out the
additional messages. Doing that is not a big deal, but I think it will
keep manifesting in future tests added by Linux developers.
With this commit, we simply don't print the kernel assigned TCP ports
on Windows when done for "unix" sockets.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Windows does have pipes (the interface is a little different).
We mostly use pipes in Linux to synchronize between parent and
children and also to handle fatal signals and then wake from poll_loop().
For Windows, we are using events for the same purpose. So don't
implement pipes for Windows.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Netlink sockets are created as blocking sockets. So, we can't
afford to remove MSG_DONTWAIT for Linux.
drain_rcvbuf() is currently called from netlink-socket.c and
netdev-linux.c. As of now, I don't see it being used for Windows.
Bug #1200865.
Reported-by: Len Gao <leng@vmware.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
get_null_fd() is only called from daemon.c.
It does not need thread safety features anymore as
it is called either through daemonize_start() or
indirectly through daemonize_complete() once.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
get_max_fds() is used only from process.c. Move it there
along with rlim_is_finite(). Since process_start() can only
be called before any additional threads are created, we
no longer need the thread safety checks in get_max_fds().
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
There is no direct mapping for the ioctl function in
Windows. As of now, af_inet_ioctl() is being used for Linux
and BSD. So, don't try to compile it for Windows.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Windows defines the 'optval' argument as char * instead of void *.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
For Windows sockets, one has to call closesocket() to
close the sockets.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
This commit creates events and through poll_fd_wait_event()
associates them with socket file descriptors to get woken up
from poll_block().
Some other changes:
* Windows does not have sys/fcntl.h but has a fcntl.h
On Linux, there is fctnl.h too.
* include <openssl/applink.c> to handle different C-Runtime linking
of OVS and openssl libraries as suggested at
https://www.openssl.org/support/faq.html#PROG2
The above include will not be needed if we compile Open vSwitch with
/MD compiler option.
* SHUT_RDWR is equivalent to SD_BOTH on Windows.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
For winsock2 functions, error number has to be converted to string
using FormatMessage().
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Does not add IPv6 support for in-band control.
Co-authored-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Nandan Nivgune <nandan.nivgune@calsoftinc.com>
Signed-off-by: Abhijit Bhopatkar <abhijit.bhopatkar@calsoftinc.com>
Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
A Windows porter mentioned to me that these functions caused special
trouble in the Windows port. However, they are no longer used, so we
might as well remove them.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Andy Zhou <azhou@nicira.com>
The only uses of 'af_inet_sock', in both drivers, were ioctls, so it seemed
like a good abstraction to write a function that just does such an ioctl,
and to factor out shared code into socket-util.
Signed-off-by: Ben Pfaff <blp@nicira.com>
CC: Ed Maste <emaste@freebsd.org>
while this change don't seem to be necessary on NetBSD-current,
NetBSD-6 is the latest release at this point.
Signed-off-by: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
It will be used later for dynamic dscp change to listening socket.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
These will be used in upcoming commits.
This commit also adds corresponding definitions to the "sparse" header,
so that sparse still works.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Nothing in the tree ever tries to send or receive credentials over a Unix
domain socket so there's no point in configuring them to be received.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Replaced all instances of Nicira Networks(, Inc) to Nicira, Inc.
Feature #10593
Signed-off-by: Raju Subramanian <rsubramanian@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
There are two sensible ways to represent the 6 DSCP bits of an IP
packet. One could represent them as an integer in the range 0 to
63. Or one could represent them as they would appear in the tos
field (0 to 63) << 2. Before this patch, OVS had used the former
method for the DSCP bits in the Queue Table, and the latter for the
DSCP in the Controller and Manager tables. Since the ability to
set DSCP bits in the Controller and Manager tables is so new that
it hasn't been released yet, this patch changes it to use the
existing style employed in the Queue table. Hopefully this should
make the code and configuration less confusing.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
The DSCP_INVALID flag allowed callers to prevent socket-util from
modify the DSCP bits of newly created sockets. However, the two
really important callers (implementations of the controller and
manager tables) never used it. Furthermore, the other callers
would be fine always setting the DSCP bits to zero. This patch
removes the DSCP_INVALID option in an effort to simplify the code.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
The changes allow the user to specify a separate dscp value for the
controller connection and the manager connection. The value will take
effect on resetting the connections. If no value is specified a default
value of 192 is chosen for each of the connections.
Feature #10074
Requested-by: Rajiv Ramanathan <rramanathan@nicira.com>
Signed-off-by: Mehak Mahajan <mmahajan@nicira.com>
This patch fixes the following compiler warning:
lib/socket-util.c:621:5: error: comparison is always false due to
limited range of data type [-Werror=type-limits]
